CompTIA CySA+ CS0-003 Practice Question

While conducting vulnerability assessments, an information security analyst is calculating risk scores to prioritize remediation efforts. Which factor should be MOST heavily weighted to ensure the risk score accurately reflects the urgency of addressing the vulnerability within the organization's specific context?

  • The percentage of industry peers that have mitigated the vulnerability

  • The average time it has taken the organization to patch vulnerabilities with similar complexity in the past

  • The exposure of high-value assets to the vulnerability and the potential business impact

  • The number of false positives generated in vulnerability scanners for the same category of vulnerabilities

  • The difficulty level associated with the exploitation of the vulnerability as rated by an external security advisory

  • The ratio of internal to external systems affected by the vulnerability

CompTIA CySA+ CS0-003
Reporting and Communication